diff options
author | Matt Caswell <matt@openssl.org> | 2016-02-10 15:16:06 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-02-10 17:40:59 +0000 |
commit | 302f75887e52bbe0ab7a5806335a0a1264323b07 (patch) | |
tree | 704e3638b402a89e064f6cde7d893ad8b687581e /ssl | |
parent | 0fc32b0718ec210e03b6d8623d4819ed04615a1b (diff) | |
download | openssl-302f75887e52bbe0ab7a5806335a0a1264323b07.zip openssl-302f75887e52bbe0ab7a5806335a0a1264323b07.tar.gz openssl-302f75887e52bbe0ab7a5806335a0a1264323b07.tar.bz2 |
Attempt to log an error if init failed
If init failed we'd like to set an error code to indicate that. But if
init failed then when the error system tries to load its strings its going
to fail again. We could get into an infinite loop. Therefore we just set
a single error the first time around. After that no error is set.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_err.c | 4 | ||||
-rw-r--r-- | ssl/ssl_init.c | 14 |
2 files changed, 16 insertions, 2 deletions
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 0d8bcd4..4dc8895 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -95,7 +95,7 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST), "DTLS1_SEND_HELLO_VERIFY_REQUEST"}, {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES), "dtls1_write_app_data_bytes"}, - {ERR_FUNC(SSL_F_DTLSV1_LISTEN), "dtlsv1_listen"}, + {ERR_FUNC(SSL_F_DTLSV1_LISTEN), "DTLSv1_listen"}, {ERR_FUNC(SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC), "dtls_construct_change_cipher_spec"}, {ERR_FUNC(SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST), @@ -103,6 +103,8 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_DTLS_GET_REASSEMBLED_MESSAGE), "dtls_get_reassembled_message"}, {ERR_FUNC(SSL_F_DTLS_PROCESS_HELLO_VERIFY), "dtls_process_hello_verify"}, + {ERR_FUNC(SSL_F_OPENSSL_INIT_SSL_LIBRARY_START), + "OPENSSL_INIT_ssl_library_start"}, {ERR_FUNC(SSL_F_READ_STATE_MACHINE), "read_state_machine"}, {ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"}, {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "ssl3_callback_ctrl"}, diff --git a/ssl/ssl_init.c b/ssl/ssl_init.c index 134aa00..e7fc63d 100644 --- a/ssl/ssl_init.c +++ b/ssl/ssl_init.c @@ -301,8 +301,20 @@ static void ssl_library_stop(void) */ int OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) { - if (stopped) + static int stoperrset = 0; + + if (stopped) { + if (!stoperrset) { + /* + * We only ever set this once to avoid getting into an infinite + * loop where the error system keeps trying to init and fails so + * sets an error etc + */ + stoperrset = 1; + SSLerr(SSL_F_OPENSSL_INIT_SSL_LIBRARY_START, ERR_R_INIT_FAIL); + } return 0; + } if (!OPENSSL_init_crypto(opts | OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, settings)) |